On-Premises Authentication

In this topic

App login provides your users access to premium content and services on your behalf. In this scenario, your app accesses content using hard-coded credentials that belong to your registered app (see using a proxy service to address this potential security risk). Users are not prompted to log in because they are logged in with your app's credentials. Using this model, users have access to any public resources you have access to, and consume your service credits for premium content. There are certain limitations and restrictions using app login.

Note:

The first step in this process is to register an application on ArcGIS Online or ArcGIS for Developers to obtain the necessary application credentials used with the authentication process.

Registering your application

When you register your application with ArcGIS Online you are given credentials that allow you to initiate named user login or app login. Follow these steps to register your app and generate your credentials:

Note:

Getting a token

Once you have registered your application and obtained a client_id and client_secret, you implement app login to obtain a token. The path to follow from here will depend on which SDK you choose to implement your app with.

Using an ArcGIS Runtime SDK

Using REST

When you are not using one of the ArcGIS SDKs you can implement app login with any platform of your choosing as long as you can generate HTTPS POST requests and receive JSON responses. Following these instructions:

Your application makes a POST request to https://www.arcgis.com/sharing/rest/oauth2/token/ with your client_id and client_secret.

An access_token is contained in the JSON response.

Pass the access_token whenever a token parameter is required in a request.

Error codes generally range 400-499 as standard HTTP status codes and the message indicates details of the failure. Common failures are due to an expired or invalid token. In this case generate a new token and try your request again.